Don Marti, Linux Journal editor, did an interesting patent search in March. He found Caldera has never had a patent assigned to it . . . So, if SCO is interested in throwing the first stone in a licensing war, all they have to play with is copyright on UNIX source code. (Follow the Patents, People, Linux Journal News Notes 6 March 2003) Please also see Microsoft licenses a SCO patent? What patent?, also by Don Marti. (Links in Resources section at the end of this article on page 5.)

Considering Novell's announcement that SCO does not even own the Unix copyrights, SCO just might not have any rocks at all to throw.

The chain of title for whatever rights to Unix SCO-Caldera now might have looks like this:

SCO (SCOX), the company formerly known as Caldera (CALD), and its CEO, Darl McBride have been making vague and unsupported allegations that there is SCO-owned Unix code in Linux.

Additionally SCO-Caldera and McBride have been making innuendos, if not out and out threats, of copyright and/or patent infringement enforcement actions and lawsuits against Linux kernel and GNU/Linux operating system developers, plus Linux distribution providers (LDPs) and even Linux end-users.

The grounds for these threats are claims by SCO-Caldera and McBride alleging that SCO-owned Unix code is in Linux. The Linux community and Linus Torvalds pretty much have rejected these claims. Moreover, Novell (NOVL) CEO Jack Messman claims that Novell never transferred its Unix copyrights and patents to SCO. (Please see the Unix IP Note in the right sidebar further down.)

SCO NDA-Scam Problems

However, in an attempt to dodge around the mounting demands and pressure to publicly show where in Linux there is SCO-owned Unix code, SCO-Caldera and McBride are inviting people to look at the supposed SCO-owned Unix code in Linux -- as long as they play by SCO's rules to-wit, sign a confidentiality agreement or NDA (non-disclosure agreement) and make a pilgrimage to SCO-Caldera's Utah headquarters. There are several problems with McBride's proposal to show the allegedly tainted code only under confidentiality agreements or NDAs.

1). By requiring code observers to sign NDAs, SCO-Caldera can control what those code-observers reveal to the public. It's a suspect and tainted process from the get-go. That would be analogous to Saddam Hussein having required pre-war UN inspectors to sign agreements not to report on their findings. What use are inspectors, or in this case code observers, if they are not completely free to report on their observations -- including any tainted code?

3). The burden is on SCO-Caldera to prove there is SCO-owned Unix code in Linux. Since the burden is on SCO-Caldera, its demands that people and organizations sign SCO-Caldera NDAs so that SCO-Caldera can attempt to prove its claims are outrageous.

4). The showing would be made at SCO-Caldera headquarters in Utah. That means that those selected to see the code and signing the NDA would need to travel to Utah. That in itself is a burdensome inconvenience on those people.

Moreover, who pays the expenses? If SCO-Caldera pays the travel, lodging, food, and other expenses for these people that's impermissible gift giving and it generates conflicts of interest. If the people and/or their companies/organizations pay the expenses, then that is an unfair burden on them. We believe that the burden is on SCO-Caldera to go to the location(s) of the code observers to present its tainted code evidence -- not the other way around.

The burden clearly is on SCO-Caldera to take its evidence of tainted code to the public without any NDAs. The burden is on SCO-Caldera to prove there is tainted code in Linux -- not the other way around.

There is absolutely no burden on anyone in the Linux community to prove there is no tainted code in Linux. Only when and if SCO-Caldera states with specificity, clarity, and particularity, the files and lines in which SCO-Caldera alleges there is infringement of its alleged Unix copyrights does any burden fall on the Linux community to refute such claims. And so far, SCO-Caldera has not so stated.

SCO's McBride proposes to show the allegedly tainted Linux code, only under NDA, to some sort of panel of prominent Linux community members, media reporters, and analysts. Considering the above mentioned problems and other problems with the creditability of McBride's proposal, anyone who might fall for McBride's trap would likely lose their credibility and respect for participating in this scam. Moreover, any such panel members would have to be prepared to prove to the Linux kernel, GNU/Linux operating system, and Linux distribution developers that they have the coding knowledge and expertise necessary to determine whether what SCO shows them is on the level or just more SCO smoke and mirrors.

On the other hand, in an e-mail discussion about NDAs, Boston business practice attorney Thomas C. Carey noted: In looking at the issues presented by an NDA, the devil is in the details. That's very true.

Don Marti on NDAs

A good example of that caution is in a 20 May 2003 e-mail discussion with Linux Journal Editor Don Marti. He disagrees with the position we take in item 1, above. He mentioned: It is possible for the NDA to be set up so that a person on the panel will be able to publicly state his or her professional opinion on whether there has been copying, without identifying the location within the kernel. That's a point well taken.

In an e-mail discussion yesterday, we asked Don Marti: Even though it would be possible to carve an NDA as you suggest allowing a person on the panel to express publicly an opinion, what purpose does that serve without also publicly disclosing the actual code that is tainted?

Don Marti: The panel might state that it believes the code in question is an example of convergence, not copying. If two groups of programmers independently implement similar functionality in the same language, then it's likely that some code will look similar. Compare the size of Linux to the number of allegedly copied lines.

If the panel came to this conclusion, and was allowed to state it, it would be informative, and useful to the case. So if the NDA would allow the panel members to make generalizations, the panel could still be useful even without being able to cite specific filenames and line numbers.